package com.ydh.company.realm;


import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.List;

/**
 * @Author:wkl
 * @Date: 2020/4/22 20:25
 * @Version 0.0.1-SNAPSHOT
 */
@Component("myRealm2")
@SuppressWarnings("all")
public class MyRealm  {

   /* @Autowired
    private UserService userService;
    @Autowired
    private RedisTemplate<String,Object> jsonRedisTemplate;
    *//**
     * 授权的方法：看用户是否有对应的权限，
     * 这个地方我们要查询出用户拥有的权限列表
     * @param principalCollection
     * @return
     *//*
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        //获取用户名
        String userName = (String) principalCollection.getPrimaryPrincipal();
        //获取用户所有信息
//        User user = getAllUserByUserName(userName);
        //获取角色信息，权限信息
        List<String> roles = getRoles((User) jsonRedisTemplate.opsForValue().get("login:user:" + userName));
        List<String> auths = getAuths((User) jsonRedisTemplate.opsForValue().get("login:user:" + userName));
        //返回授权信息：角色和权限
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        //添加角色数据
        simpleAuthorizationInfo.addRoles(roles);
        //添加权限数据
        simpleAuthorizationInfo.addStringPermissions(auths);

        return simpleAuthorizationInfo;
    }

    *//**
     * 获取String 的 auth
     * @param user
     * @return
     *//*
    private List<String> getAuths(User user) {
        List<String> stringAuth = new ArrayList<>();
        //先获取角色
        List<Role> roles = user.getRoles();

        for (Role role : roles) {
            List<Auth> auths = role.getAuths();
            for (Auth auth : auths) {
                //空的权限不能加进去
                if (auth.getAuthUrl() == null || auth.getAuthUrl().isEmpty()) {
                    continue;
                }
                stringAuth.add(auth.getAuthUrl());
            }
        }
        return stringAuth;
    }

    *//**
     * 获取String 的 roles
     * @param user
     * @return
     *//*
    private List<String> getRoles(User user) {
        List<String> stringRoles = new ArrayList<>();

        List<Role> roles = user.getRoles();
        for (Role role : user.getRoles()) {
            //添加角色姓名
            stringRoles.add(role.getRoleName());
        }
        return stringRoles;
    }

    *//**
     * 查询用户的所有信息
     * @param userName
     * @return
     *//*
    private User getAllUserByUserName(String userName) {
        return userService.findAllUser(userName);
    }

    *//**
     * 认证：用户登录
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     *//*
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //通过token去获取用户名
        String userName = (String) authenticationToken.getPrincipal();
        //通过用户名去查询密码
        String password = getPwdByUserName(userName);
        //判断密码
        if (password == null){
            return null;
        }
        //返回认证信息
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(userName, password, "MyRealm");
        //设置密码加盐
        info.setCredentialsSalt(ByteSource.Util.bytes("java211"));
        return info;
    }

    *//**
     * 通过用户名去查询密码
     * @param userName
     * @return
     *//*
    private String getPwdByUserName(String userName) {
        //通过userService查询用户对象
        User dbUser = userService.findAllUser(userName);
        if (dbUser == null){
            return null;
        }
        //存储到redis中
        userService.saveUserToRedis(dbUser);

        return dbUser.getUserPassword();

    }*/
}
